Appendix E
Password Handling in Oracle #
When using SICS with an Oracle database the user can change his or her password when logging into SICS, assuming the password is not already expired. This feature can be used in combination with user account settings in Oracle such as password lifetime and password validation. Any error message issued by Oracle during login will be presented to the SICS user. The relevant Oracle error messages are:
ORA-28000the account is lockedORA-28001the password is expiredORA-28003password verification for the specified password failedORA-28007the password cannot be reused
Please note that it’s not possible to change the Oracle account settings from SICS. These parameters must set directly in Oracle by the database administrator. The database administrator must also handle unlocking of locked user accounts (after unsuccessful login or password expiry).
Changing password #
From the SICS login window the user can change the database password (assuming the password is not already expired) by selecting Change Password from the Password menu. If the new password is not accepted by Oracle, error messages received form the databases will be displayed to the user.
Password lifetime #
Password lifetime is controlled by the Profile assigned to the user in Oracle. Typically, one sets the password to expire in xx days, with a grace time of yy days. Once xx days have passed, a warning message is presented to the SICS user during login.
The user can then change the password immediately or when logging in the next time (as described in the previous section). If the user does not change password within the grace time (yy days), the password will expire.
Please note that it is NOT possible to change the password from SICS once the password is expired.